GNU bug report logs - #19998
GREP_OPTIONS alternative?

Previous Next

Package: grep;

Reported by: Christian Kujau <lists <at> nerdbynature.de>

Date: Wed, 4 Mar 2015 07:09:02 UTC

Severity: normal

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

Message #46 received at 19998-done <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Christian Kujau <lists <at> nerdbynature.de>
Cc: 19998-done <at> debbugs.gnu.org
Subject: Re: bug#19998: GREP_OPTIONS alternative?
Date: Fri, 13 Mar 2015 19:11:36 -0700

Christian Kujau wrote:
> An "attacker" can set $PATH to /tmp and do stuff too.

Sure, but that's well-known and standardized and it's easy (and expected) for 
administrative applications to sanitize PATH.  The problem comes when we have 
lots of mysterious little environment variables any of which can wreak havoc.

This bug report was last modified 10 years and 133 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #19998 GREP_OPTIONS alternative?

GNU bug report logs - #19998
GREP_OPTIONS alternative?